recog 2.3.15 → 2.3.20

Files changed (53)
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yml +26 -0
  3. data/.snyk +10 -0
  4. data/LICENSE +1 -1
  5. data/bin/recog_standardize +8 -2
  6. data/cpe-remap.yaml +314 -170
  7. data/identifiers/README.md +24 -10
  8. data/identifiers/fields.txt +104 -0
  9. data/identifiers/hw_device.txt +5 -4
  10. data/identifiers/hw_family.txt +17 -0
  11. data/identifiers/hw_product.txt +87 -6
  12. data/identifiers/os_architecture.txt +0 -10
  13. data/identifiers/os_device.txt +12 -31
  14. data/identifiers/os_family.txt +2 -94
  15. data/identifiers/os_product.txt +45 -124
  16. data/identifiers/service_family.txt +14 -37
  17. data/identifiers/service_product.txt +283 -88
  18. data/identifiers/vendor.txt +99 -192
  19. data/lib/recog/version.rb +1 -1
  20. data/requirements.txt +1 -1
  21. data/update_cpes.py +110 -49
  22. data/xml/apache_modules.xml +60 -0
  23. data/xml/dns_versionbind.xml +40 -17
  24. data/xml/favicons.xml +163 -20
  25. data/xml/ftp_banners.xml +25 -25
  26. data/xml/hp_pjl_id.xml +1 -1
  27. data/xml/html_title.xml +561 -51
  28. data/xml/http_cookies.xml +266 -61
  29. data/xml/http_servers.xml +472 -96
  30. data/xml/http_wwwauth.xml +53 -26
  31. data/xml/ldap_searchresult.xml +10 -6
  32. data/xml/mdns_device-info_txt.xml +308 -10
  33. data/xml/ntp_banners.xml +15 -1
  34. data/xml/operating_system.xml +1 -0
  35. data/xml/rtsp_servers.xml +7 -0
  36. data/xml/sip_banners.xml +346 -8
  37. data/xml/sip_user_agents.xml +321 -7
  38. data/xml/smb_native_lm.xml +32 -1
  39. data/xml/smb_native_os.xml +158 -33
  40. data/xml/smtp_banners.xml +48 -7
  41. data/xml/smtp_expn.xml +1 -0
  42. data/xml/smtp_help.xml +2 -0
  43. data/xml/smtp_vrfy.xml +3 -1
  44. data/xml/snmp_sysdescr.xml +211 -42
  45. data/xml/ssh_banners.xml +127 -14
  46. data/xml/telnet_banners.xml +44 -14
  47. data/xml/tls_jarm.xml +140 -0
  48. data/xml/x509_issuers.xml +179 -7
  49. data/xml/x509_subjects.xml +252 -35
  50. metadata +6 -5
  51. data/identifiers/software_class.txt +0 -26
  52. data/identifiers/software_family.txt +0 -91
  53. data/identifiers/software_product.txt +0 -333
@@ -1,16 +1,27 @@
1
1
  # Recog: Identifiers
2
2
 
3
- This directory contains lists of standard identifiers for mapping Recog matches. The goal is define a standard set of constants to represent known software, hardware, vendors, and categories.
3
+ This directory contains lists of standard identifiers for mapping Recog matches.
4
+ The goal is define a standard set of constants to represent known software,
5
+ hardware, vendors, and categories.
4
6
 
5
- This is currently incomplete and will be updated as standardization work moves forward.
7
+ This is currently incomplete and will be updated as standardization work moves
8
+ forward.
6
9
 
7
- Fingerprints should use these identifiers whenever possible; if a different name or syntax for a given identifier is preferred, this should be implemented in the application through a mapping function.
10
+ Fingerprints should use these identifiers whenever possible; if a different name
11
+ or syntax for a given identifier is preferred, this should be implemented in the
12
+ application through a mapping function.
8
13
 
9
14
  ## Lists
10
15
 
16
+ ### Fields
17
+
18
+ `fields.txt` defines the various fields (`os.vendor`, etc.) used to assert
19
+ information about a match.
20
+
11
21
  ### Vendors
12
22
 
13
- `vendor.txt` defines known vendor names, covering services, operating systems, and hardware.
23
+ `vendor.txt` defines known vendor names, covering services, operating systems,
24
+ and hardware.
14
25
 
15
26
  ### Operating Systems
16
27
 
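Review bot: The rewrapped opening paragraph still reads "The goal is define a standard set of constants"; since these lines are being touched anyway, change it to "The goal is to define". The new Fields section says `fields.txt` defines the fields "used to assert information about a match" but does not say whether a field absent from the list is an error or merely undocumented; one sentence on that would tell fingerprint authors what to expect.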
@@ -22,14 +33,14 @@ Fingerprints should use these identifiers whenever possible; if a different name
22
33
 
23
34
  `os_device.txt` defines known types of devices by function or purpose.
24
35
 
25
-
26
36
  ### Hardware
27
37
 
28
38
  `hw_product.txt` defines known hardware product names.
29
39
 
30
40
  `hw_family.txt` defines known hardware product families.
31
41
 
32
- `hw_device.txt` defines known types of devices by function or purpose (overlaps with `os_device.txt`).
42
+ `hw_device.txt` defines known types of devices by function or purpose (overlaps
43
+ with `os_device.txt`).
33
44
 
34
45
  ### Services
35
46
 
@@ -47,10 +58,13 @@ Fingerprints should use these identifiers whenever possible; if a different name
47
58
 
48
59
  ## Pending Work
49
60
 
50
- * All existing fingerprints should be correlated against these lists to identify mismatches and updated accordingly.
61
+ * All existing fingerprints should be correlated against these lists to
62
+ identify mismatches and updated accordingly.
51
63
 
52
- * All net new identifiers from the existing fingerprints should be merged into these lists.
64
+ * All net new identifiers from the existing fingerprints should be merged into
65
+ these lists.
53
66
 
54
- * All fingerprint assertions should be enumerated, documented, and standardized where possible (`host.mac`, etc).
67
+ * All fingerprint assertions should be enumerated, documented, and standardized
68
+ where possible (`host.mac`, etc).
55
69
 
56
- * Hardware identifiers should be enumerated, consolidated, and standardized.
70
+ * Hardware identifiers should be enumerated, consolidated, and standardized.
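Review bot: The third bullet still lists enumerating fingerprint assertions (`host.mac`, etc) as pending, while this same change adds a Fields section and a `fields.txt` that contains `host.mac`. Reword the bullet to say what remains (documenting and standardizing the enumerated fields) or drop it. The last line is removed and re-added with identical visible text, so the difference is presumably whitespace or an end-of-file newline; worth confirming that is intended.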
@@ -0,0 +1,104 @@
1
+ agilent.serial
2
+ apache.info
3
+ apache.variant
4
+ apache.variant.version
5
+ chromecast.capabilities
6
+ chromecast.generation
7
+ chromecast.serial_number
8
+ cisco.imc_model
9
+ cisco.serial_number
10
+ cookie
11
+ dell.service_tag
12
+ extron.model
13
+ fortinet.serial_number
14
+ host.domain
15
+ host.id
16
+ host.ip
17
+ host.mac
18
+ host.mac_eui64
19
+ host.mac_local
20
+ host.name
21
+ host.time
22
+ hw.certainty
23
+ hw.cpe23
24
+ hw.device
25
+ hw.family
26
+ hw.model
27
+ hw.product
28
+ hw.series
29
+ hw.vendor
30
+ hw.version
31
+ imail.eval
32
+ jetty.info
33
+ junction.cookie
34
+ junction.name
35
+ lenovo.machine_model
36
+ lenovo.machine_type
37
+ linux.kernel.version
38
+ loadbalancer.poolname
39
+ mdaemon.unregistered
40
+ mercur.os.info
41
+ metainfo.version
42
+ metainfo.version.version
43
+ ms.nttp.version
44
+ notes.build.version
45
+ ntmail.id
46
+ openssh.comment
47
+ openssh.cvepatch
48
+ os.arch
49
+ os.build
50
+ os.certainty
51
+ os.cpe23
52
+ os.device
53
+ os.edition
54
+ os.family
55
+ os.model
56
+ os.product
57
+ os.rev
58
+ os.vendor
59
+ os.version
60
+ os.version.version
61
+ os.version.version.version
62
+ postfix.os.info
63
+ postoffice.build
64
+ postoffice.id
65
+ procurve.model
66
+ proftpd.server.name
67
+ pureftpd.config
68
+ python.version
69
+ qpopper.version
70
+ ruckus.serial_number
71
+ securetransport.build
72
+ sendmail.config.version
73
+ sendmail.hpux.phne.version
74
+ sendmail.vendor.version
75
+ service.certainty
76
+ service.component.cpe23
77
+ service.component.family
78
+ service.component.product
79
+ service.component.vendor
80
+ service.component.version
81
+ service.cpe23
82
+ service.device
83
+ service.edition
84
+ service.family
85
+ service.node
86
+ service.product
87
+ service.protocol
88
+ service.vendor
89
+ service.version
90
+ service.version.version
91
+ service.version.version.version
92
+ service.version.version.version.version
93
+ siemens.model
94
+ snmp.fpmib.oid.1
95
+ snmp.fpmib.oid.2
96
+ system.time
97
+ system.time.format
98
+ system.time.micros
99
+ system.time.millis
100
+ tandberg.model
101
+ thttpd.mx-patch
102
+ tomcat.info
103
+ wd2go.device_id
104
+ zmailer.ident
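Review bot: Several entries repeat a segment, such as `os.version.version`, `os.version.version.version`, `metainfo.version.version` and `service.version.version.version.version`, and nothing in this file or in the README hunk explains what each level means. If these are sub-components of a version string, document the convention; if they are leftovers from existing fingerprints, mark them as cleanup candidates instead of standard fields. Naming is also mixed: `agilent.serial` sits next to `cisco.serial_number`, and `thttpd.mx-patch` is the only hyphenated name. `ms.nttp.version` looks like a transposition of NNTP; please confirm against the fingerprint that emits it.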
@@ -4,7 +4,7 @@ Access Control
4
4
  Alarm Panel
5
5
  Appliance
6
6
  Audio Encoder
7
- Broadband router
7
+ Broadband Router
8
8
  Building Automation
9
9
  Cable Modem
10
10
  Check Scanner
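Review bot: `Broadband router` becomes `Broadband Router` here, and later hunks in this list do the same for `Power device` and `Print server`. The README describes these lists as standard constants, so any fingerprint or downstream mapping that still carries the old casing will no longer match the list; confirm the fingerprint XML is updated in the same change and call out the renames in the release notes.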
@@ -22,6 +22,7 @@ Ethernet Adapter
22
22
  Firewall
23
23
  HMI Controller
24
24
  Handheld Scanner
25
+ Hypervisor
25
26
  IP Camera
26
27
  IPS
27
28
  Industrial Control
@@ -40,11 +41,12 @@ Network Appliance
40
41
  Network Audio
41
42
  Network Management Device
42
43
  PLC
44
+ Power Device
43
45
  Power Relay
44
- Power device
45
46
  Powerline
46
- Print server
47
+ Print Server
47
48
  Printer
49
+ Relay Controller
48
50
  Router
49
51
  SD-WAN Appliance
50
52
  SIP Device
@@ -71,7 +73,6 @@ VoIP Switch
71
73
  Voice Appliance
72
74
  WAP
73
75
  WLAN Repeater
74
- Web cam
75
76
  Whiteboard
76
77
  Wireless Controller
77
78
  Wireless Presenter
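Review bot: `Web cam` is removed without a replacement in this hunk. The list already has `IP Camera`, so state in the commit message whether that is the intended substitute, and check that no fingerprint still asserts `Web cam`.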
@@ -5,16 +5,20 @@ AirPort
5
5
  Apple TV
6
6
  Communication Manager
7
7
  DVR
8
+ Data ONTAP
8
9
  DiskStation
9
10
  Document Centre
11
+ EDR
10
12
  Extended Systems ExtendNet
11
13
  FRITZ!Box
14
+ FRITZ!Fon
12
15
  FRITZ!Powerline
13
16
  FRITZ!WLAN Repeater
14
17
  FS
15
18
  Firewall-1
16
19
  Forms Printer
17
20
  FortiGate
21
+ FortiVoice
18
22
  GW25
19
23
  GXV
20
24
  GXW
@@ -36,12 +40,16 @@ Mac mini
36
40
  MacBook
37
41
  MacBook Pro
38
42
  MegaRAC
43
+ MiiNePort
39
44
  Multifunction
40
45
  My Book
41
46
  NE
42
47
  NPort
48
+ NetScaler
43
49
  NetVanta
50
+ Netscaler
44
51
  Network Audio
52
+ Network Security Appliance
45
53
  Network Video Door Station
46
54
  Optra
47
55
  Orbi
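Review bot: Both `NetScaler` and `Netscaler` are added in this hunk, differing only in case. A list meant to standardize identifiers should carry one spelling; keep one and update the fingerprints that emit the other.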
@@ -57,8 +65,13 @@ Router
57
65
  S500 Range
58
66
  SIP Device
59
67
  SIP Gateway
68
+ SL2100
60
69
  Service Access Switch
61
70
  Service Router
71
+ Simatic HMI
72
+ Simatic NET
73
+ Simatic S7
74
+ Simatic Sinumerik
62
75
  SoundPoint
63
76
  SoundTouch
64
77
  SpeedTouch
@@ -73,9 +86,12 @@ TelePresence
73
86
  Time Capsule
74
87
  TippingPoint
75
88
  Turbo Station
89
+ UNIVERGE
76
90
  UniFi
77
91
  Unified Security Gateway
92
+ VDX
78
93
  VSX
94
+ Vigor
79
95
  VoIP
80
96
  WD2GO
81
97
  WiMax
@@ -87,6 +103,7 @@ Xserve
87
103
  ZXDSL
88
104
  ZXHN
89
105
  ZXV
106
+ airMAX
90
107
  iLO
91
108
  iMac
92
109
  iPad
@@ -3,15 +3,18 @@
3
3
  34972A Data Logger
4
4
  3PAR
5
5
  53230A Frequency Counter
6
+ 883 VoIP
6
7
  ADB-4820CD
7
8
  APIC
8
9
  AV Receiver
9
10
  AVC787
11
+ Access Control
10
12
  Access Gateway
11
13
  Access Point
12
14
  Adaptive Security Appliance
13
15
  AirPort Express
14
16
  AirPort Extreme
17
+ Alarm Panel
15
18
  AppDynamics
16
19
  Apple TV (2nd generation)
17
20
  Apple TV (3rd generation)
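Review bot: `Access Control` and `Alarm Panel` are added as product names, but both already appear as device types in the device list changed earlier in this diff. If a fingerprint sets the product to a device type because the real product name is unknown, that value belongs in the device field with the product left unset; otherwise the product and device lists stop being distinguishable.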
@@ -33,27 +36,38 @@ Catalyst
33
36
  Catalyst 1900
34
37
  Celerra
35
38
  Chromecast
39
+ ClearPass Policy Manager
36
40
  ClickShare
37
41
  CloudKey
38
42
  CommandPost
39
43
  ConnectUPS Web Card
40
44
  Crosswork SON Appliance
45
+ D Series
46
+ DCS-825L
47
+ DCS-932
41
48
  DD OS
42
49
  DNA Center
43
50
  DSL Router
51
+ Data ONTAP
44
52
  Digital Signage Player
45
53
  Discover
46
54
  Discovery
47
55
  Document Centre
48
56
  DuraFon
49
57
  ECOM100
58
+ EDR-G902
59
+ EDR-G903
60
+ EM7
50
61
  EP-series
51
62
  EXA Signal Analyzer
52
63
  Eagle Eye Director II
53
64
  EchoLife Home Gateway
65
+ EdgeRouter X
54
66
  EdgeSwitch
55
67
  Elevation
68
+ Email Security Gateway
56
69
  EqualLogic
70
+ Ethernet Relay Controller
57
71
  Ethernet Relay Module
58
72
  Excella
59
73
  Fastmark M5
@@ -64,15 +78,26 @@ Firewall-1
64
78
  FlexiPacket Hub
65
79
  FortiMail
66
80
  FortiManager
81
+ GXP1610
82
+ GXP1615
83
+ GXP1625
84
+ GXP1628
85
+ GXP2200
67
86
  GigaVUE
68
87
  HDHomeRun
69
88
  HDIPCam
70
- HDX {hw.model}
89
+ HT801
90
+ HT802
91
+ HT812
92
+ HT813
93
+ HT814
94
+ HT818
71
95
  HiPer Access Router Card
72
96
  Home Controller
73
97
  Home Gateway
74
98
  HomePod
75
99
  Hue
100
+ HyperFlex Connect
76
101
  IA Appliance
77
102
  IAM
78
103
  IBHLink S7++
@@ -83,6 +108,7 @@ IP Link Control Processor
83
108
  IP2IR
84
109
  IPMI
85
110
  IVR
111
+ Infinity Controler
86
112
  IntelliSlot Web Card
87
113
  Internet Payment Gateway
88
114
  Internet Phone Adapter
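Review bot: `Infinity Controler` looks like a misspelling of "Controller". If the device itself reports that spelling, keep the raw string in the fingerprint pattern and use the corrected form as the identifier; otherwise fix it here before other fingerprints copy it.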
@@ -94,6 +120,7 @@ JetDirect
94
120
  K1000
95
121
  KWS-1043N
96
122
  Key Management
123
+ Key Management Server
97
124
  Lantick Ethernet Relay Controller
98
125
  Lencore Sound Manager 2
99
126
  MDS 9000
@@ -109,6 +136,7 @@ Mac mini (Late 2009)
109
136
  Mac mini (Late 2012)
110
137
  Mac mini (Late 2014)
111
138
  Mac mini (Late 2018)
139
+ Mac mini (M1, 2020)
112
140
  Mac mini (Mid 2007)
113
141
  Mac mini (Mid 2010)
114
142
  Mac mini (Mid 2011)
@@ -126,16 +154,20 @@ MacBook Air (13-inch, Early 2014)
126
154
  MacBook Air (13-inch, Late 2010)
127
155
  MacBook Air (13-inch, Mid 2011)
128
156
  MacBook Air (13-inch, Mid 2012)
157
+ MacBook Air (M1, 2020)
129
158
  MacBook Air (Mid 2009)
130
159
  MacBook Air (Retina, 13-inch, 2018)
131
160
  MacBook Air (Retina, 13-inch, 2019)
161
+ MacBook Air (Retina, 13-inch, 2020)
132
162
  MacBook Pro (13-inch, 2016, Four Thunderbolt 3 ports)
133
163
  MacBook Pro (13-inch, 2016, Two Thunderbolt 3 ports)
134
164
  MacBook Pro (13-inch, 2017, Four Thunderbolt 3 ports)
135
165
  MacBook Pro (13-inch, 2017, Two Thunderbolt 3 ports)
136
166
  MacBook Pro (13-inch, 2018, Four Thunderbolt 3 ports)
137
167
  MacBook Pro (13-inch, 2019, Two Thunderbolt 3 ports)
168
+ MacBook Pro (13-inch, 2020)
138
169
  MacBook Pro (13-inch, Late 2011)
170
+ MacBook Pro (13-inch, M1, 2020)
139
171
  MacBook Pro (13-inch, Mid 2009)
140
172
  MacBook Pro (13-inch, Mid 2010)
141
173
  MacBook Pro (13-inch, Mid 2012)
@@ -147,6 +179,8 @@ MacBook Pro (15-inch, Late 2008)
147
179
  MacBook Pro (15-inch, Late 2011)
148
180
  MacBook Pro (15-inch, Mid 2009)
149
181
  MacBook Pro (15-inch, Mid 2010)
182
+ MacBook Pro (15-inch, Mid 2012)
183
+ MacBook Pro (16-inch, 2019)
150
184
  MacBook Pro (17-inch, Early 2008)
151
185
  MacBook Pro (17-inch, Late 2011)
152
186
  MacBook Pro (17-inch, Mid 2009)
@@ -158,29 +192,43 @@ MacBook Pro (Retina, 15-inch, Early 2013)
158
192
  MacBook Pro (Retina, 15-inch, Late 2013)
159
193
  MacBook Pro (Retina, 15-inch, Mid 2015)
160
194
  Makito X Decoder
195
+ Media Gateway
161
196
  MediaLink Controller
162
197
  MediaSense
163
198
  Meeting Management
199
+ Meeting Server
164
200
  MegaRAC
201
+ Meraki Device
165
202
  Mercury
166
203
  Mergepoint
167
204
  Miniserver
168
205
  My Book Live
169
206
  N5172B Signal Generator
207
+ NAM
208
+ NAS4Free
170
209
  NFVIS
171
210
  NPort
211
+ NetScaler Gateway
212
+ NetScaler SDX Gateway
172
213
  NetScreen
173
214
  NetVR
174
215
  Netbox
216
+ Netscaler Gateway
217
+ Network Camera
175
218
  Network Gateway
176
219
  Network Node
220
+ Network Security Appliance
221
+ Nexus 1000V
177
222
  Nexus Player
223
+ OfficeConnect Switch
178
224
  OnHub
179
225
  OpenManage
180
226
  OpenManage Switch
181
227
  OpenNAC
228
+ Orbi micro
182
229
  Orbit IP Camera
183
230
  PDR M800
231
+ PIAF Virtual Appliance
184
232
  PLAY
185
233
  PLC-5
186
234
  Paragon-100G
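Review bot: `NetScaler Gateway` and `Netscaler Gateway` are both added in this hunk, differing only in case, alongside `NetScaler SDX Gateway`. Pick one casing for the product identifier so that consumers grouping assets by product do not split the same product into two.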
@@ -191,23 +239,29 @@ Prime Collaboration Manager
191
239
  Primergy
192
240
  Printer
193
241
  Prosafe Plus
242
+ R Series
243
+ RT31P2
194
244
  RTU
195
245
  Rack PDU Card
196
246
  Raspberry Pi
197
247
  ReadyNAS
198
- RealPresence Group {hw.model}
199
- RealPresence Trio {hw.model}
200
248
  RecoverPoint
201
249
  ReeCam
202
250
  Roku
203
- Room Alert {hw.product.model}
251
+ Room Alert
204
252
  S7 DALI Gateway
253
+ SD-WAN
205
254
  SHIELD
206
255
  SIP Gateway
207
256
  SIParator Firewall
257
+ SL2100
208
258
  SLS
209
259
  SPA
260
+ SPA112
261
+ SPA122
210
262
  SRP
263
+ SV8100
264
+ SV9100
211
265
  ScanFront
212
266
  Scrutinizer
213
267
  Sensor
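Review bot: The templated entries `RealPresence Group {hw.model}` and `RealPresence Trio {hw.model}` are dropped with no plain `RealPresence Group` or `RealPresence Trio` added, whereas `Room Alert {hw.product.model}` is replaced by `Room Alert`. If fingerprints still emit the RealPresence names, add the untemplated forms so they validate against this list.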
@@ -222,27 +276,37 @@ SolsticePod
222
276
  SoundPoint
223
277
  Spot
224
278
  Stealthwatch
279
+ Steelhead
225
280
  Storage Appliance
226
281
  Sub
282
+ Sunny WebBox
227
283
  SuperStack 3
228
284
  SuperStack 3 Firewall
229
285
  SuperStack II
230
286
  Symmetry EN-2DBC
231
287
  System Management
288
+ TG789vac
232
289
  TelePresence
233
290
  TelePresence MCU
234
- TemPageR {hw.product.model}
235
291
  Tenable Appliance
236
292
  Tenable Core
237
- Thermal Label Printer {hw.model}
293
+ Tetration
238
294
  Time Capsule
239
295
  TouchLink Control Panel
296
+ UCM6202
297
+ UCM6204
298
+ UCM6208
240
299
  UCS Manager
300
+ USG20-VPN
301
+ USG40
302
+ USG60
241
303
  UniFi Cloud Key
242
304
  UniFi NVR
243
305
  UniFi Security Gateway
306
+ Univerge
244
307
  Universal Media Gateway
245
308
  VBrick Rev
309
+ VPN Gateway
246
310
  Verizon FiOS Router
247
311
  Video Controller
248
312
  Vigor
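Review bot: `Univerge` is added here while the family list earlier in this diff adds `UNIVERGE`. Use the same casing in both lists, or document why product and family differ. `TemPageR {hw.product.model}` and `Thermal Label Printer {hw.model}` are removed in this hunk without untemplated entries taking their place; confirm no fingerprint still depends on them.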
@@ -250,12 +314,14 @@ Virtual Connect Manager
250
314
  Virtual Traffic Manager
251
315
  Vood
252
316
  WLAN AP
317
+ WNR2000
253
318
  WebBox
254
319
  Whiteboard
255
320
  Wireless Dock
256
321
  Wireless LAN Controller
257
322
  Wireless Router
258
323
  XCC
324
+ Xfinity Broadband Router
259
325
  Xserve (Early 2008)
260
326
  Xserve (Early 2009)
261
327
  Xserve (Late 2006)
@@ -268,6 +334,9 @@ e-STUDIO
268
334
  iCOM Control Panel
269
335
  iDRAC
270
336
  iLO
337
+ iLO 3
338
+ iLO 4
339
+ iMac (20/24-inch, Early 2008)
271
340
  iMac (21.5-inch, 2017)
272
341
  iMac (21.5-inch, Late 2012)
273
342
  iMac (21.5-inch, Late 2013)
@@ -286,6 +355,7 @@ iMac (Retina 4K, 21.5-inch, 2019)
286
355
  iMac (Retina 4K, 21.5-inch, Late 2015)
287
356
  iMac (Retina 5K, 27-inch, 2017)
288
357
  iMac (Retina 5K, 27-inch, 2019)
358
+ iMac (Retina 5K, 27-inch, 2020)
289
359
  iMac (Retina 5K, 27-inch, Late 2015)
290
360
  iMac (Retina 5K, 27-inch, Mid 2015)
291
361
  iMac Pro (Retina 5K, Late 2017)
@@ -297,7 +367,11 @@ iPad Air (3rd generation)
297
367
  iPad Air 2
298
368
  iPad Pro (10.5-inch)
299
369
  iPad Pro (11-inch)
370
+ iPad Pro (11-inch, 2nd generation)
300
371
  iPad Pro (12.9-inch)
372
+ iPad Pro (12.9-inch, 2nd generation)
373
+ iPad Pro (12.9-inch, 3rd generation)
374
+ iPad Pro (12.9-inch, 4th generation)
301
375
  iPad Pro (9.7-inch)
302
376
  iPad mini
303
377
  iPad mini (5th generation)
@@ -305,6 +379,12 @@ iPad mini 2
305
379
  iPad mini 3
306
380
  iPad mini 4
307
381
  iPhone
382
+ iPhone 11 Pro
383
+ iPhone 11 Pro Max
384
+ iPhone 12 5G
385
+ iPhone 12 Mini 5G
386
+ iPhone 12 Pro 5G
387
+ iPhone 12 Pro Max 5G
308
388
  iPhone 3G
309
389
  iPhone 3GS
310
390
  iPhone 4
@@ -321,6 +401,7 @@ iPhone 7 Plus
321
401
  iPhone 8
322
402
  iPhone 8 Plus
323
403
  iPhone SE
404
+ iPhone SE (2020)
324
405
  iPhone X
325
406
  iPhone XR
326
407
  iPhone XS